65aae010ce
more libs for moodle and teacher priv esc to rce module
2021-09-04 13:31:11 -04:00
5ea2cf9e5a
moodle_admin_shell_upload working and minor other fixes
2021-08-29 16:59:44 -04:00
176c1f0751
moodle lib and module
2021-08-29 10:50:25 -04:00
a35be13958
moodle 3.8.0 tested
2021-08-28 08:10:28 -04:00
c0a8535764
moodle spellcheck rce
2021-08-27 19:51:52 -04:00
c9bdd96c76
remove GIT_HOOK option
...
post-checkout is the only hook that will work
with this exploit, so no option is needed. Also update
the documentation to reflect that.
2021-08-12 10:18:13 -05:00
0fe761b838
modify options and add documentation
2021-08-12 10:18:12 -05:00
ade653f0bf
Final fixup edits to change the timeout value to be an advanced option and also to use send_req_cgi
2021-08-05 13:10:24 -05:00
00cfdc4f17
Use Faker to generate a fake app name, add in option to specify timeout to server, and also fix Alan's remaining review comments
2021-08-05 09:46:34 -05:00
0d7d5ab93f
Switch over to Rex::MIME::Message to use our built in mixins, and also fix last remaining review comments
2021-08-02 11:17:26 -05:00
27f70af1b3
Fix up some of the mistakes wvu pointed out
2021-07-30 15:28:10 -05:00
3427571887
Push up working CVE-2019-11580 exploit and associated documentation
2021-07-30 12:07:12 -05:00
183caff15c
Land #15418 , add modern events calendar rce
2021-07-26 09:45:05 -05:00
38ae82155e
modify info, fix spacing
2021-07-26 09:43:34 -05:00
9e95eb7be1
Land #15408 , add Wordpress sp doc file upload
2021-07-23 12:36:29 -05:00
d207f994c0
modify doc description
...
randomize form data, formatting
2021-07-23 12:33:41 -05:00
1a55cfc88c
Update documentation/modules/exploit/multi/http/wp_plugin_sp_project_document_rce.md
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2021-07-23 10:12:10 +02:00
76a7233ee9
Update documentation/modules/exploit/multi/http/wp_plugin_sp_project_document_rce.md
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2021-07-23 10:12:00 +02:00
cf9a5be774
Update documentation/modules/exploit/multi/http/wp_plugin_sp_project_document_rce.md
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2021-07-23 10:11:49 +02:00
9eb8d521f8
Update documentation/modules/exploit/multi/http/wp_plugin_modern_events_calendar_rce.md
...
Co-authored-by: Shelby Pace <40177151+space-r7@users.noreply.github.com >
2021-07-23 10:08:19 +02:00
79d49a6857
Land #15402 , add Wordpress Backup Guard rce
2021-07-20 15:53:57 -05:00
f738383b98
rename docs, modify privileged to false
...
use vars_get in upload request
2021-07-20 15:31:38 -05:00
109ca7ec7a
Update documentation/modules/exploit/multi/http/wp_plugin_sp_project_document_rce.md
...
Co-authored-by: Spencer McIntyre <58950994+smcintyre-r7@users.noreply.github.com >
2021-07-20 09:05:27 +02:00
d26d9f50fa
Update wordpress_plugin_backup_guard_rce.md
2021-07-12 14:29:35 +02:00
ba69294967
Update wp_plugin_sp_project_document_rce.md
2021-07-12 14:28:35 +02:00
6934ec7d18
initial commit
2021-07-12 14:25:38 +02:00
5c8aa9b802
Add in ForgeRock demonstration and fix up some last minor issues with the documentation to make it more accurate
2021-07-09 16:43:25 -05:00
fba838f4e8
Update docs, pin version and fix the check method
2021-07-09 16:39:58 -04:00
d9233b9d98
typo 2
2021-07-09 11:54:25 +02:00
3f2d7cda10
typo
2021-07-09 11:51:52 +02:00
920b88a2bd
initial commit
2021-07-09 11:49:53 +02:00
38cdad47c0
initial commit
2021-07-08 16:53:37 +02:00
a0bd903b50
Update module docs and the TARGETURI option
2021-07-06 15:52:50 -04:00
bfc45359ff
More documentation updates and address PR feedback
2021-07-06 11:27:06 -04:00
deb78275d0
Make the requested documentation changes
2021-07-06 09:55:19 -04:00
0a43ec7e4a
Add module for CVE-2021-35464; pre-auth RCE in ForgeRock OpenAM server
2021-07-02 16:05:39 -05:00
537a7763f5
Land #15337 , Update apache_activemq_upload_jsp.rb to fix missing checks and add missing slashes to some requests
2021-06-14 15:28:40 -05:00
5b274770ef
Update exploit code to add missing slashes to certain important parts of the code where the exploit might fail if a custom path is supplied, and also improve the error handling in the code overall
2021-06-14 15:02:38 -05:00
eb76aae2a7
Merge branch 'master' of github.com:rapid7/metasploit-framework into hashicorp_nomad
2021-05-25 15:56:13 -05:00
6dccf0dd20
Adding Nomad documentation
2021-05-18 10:12:04 -05:00
2b837a9d11
Add ssl setup documentation for gitlab
2021-05-17 23:59:08 +01:00
5a0360228f
Update cockpit cms module
2021-05-12 17:20:31 +01:00
4a93f15c80
Land #15136 , Set microfocus_ucmdb_unauth_deser default payload to reverse_python
2021-05-02 10:27:05 +00:00
e6b605369e
UCMDB: remove warning from docs and change Linux target to reverse_python
2021-05-02 16:53:02 +07:00
165b25275a
minor documentation fix
2021-04-30 22:32:47 +01:00
f267f0866c
Fix up documentation typos and improve JavaScript using comments from @timwr's review.
2021-04-30 10:54:09 -05:00
9b528645b1
Fix minor typo on the Pwn2Own year
2021-04-27 13:26:27 -05:00
5541988d10
Upload working exploit and documentation for CVE-2021-21220
2021-04-27 13:23:35 -05:00
dcf457f7e9
Fix a typo in Eclipse Equinox product name
...
The osgi_console_exec module docs had a few stray characters for the
product name and description. The product name confused me when
googling for this module.
2021-04-23 11:57:48 +01:00
93c7727622
Land #15058 , Cockpit CMS RCE
2021-04-21 13:21:55 +01:00
h00die